A template with full RESTful user account management for user-account based web apps
- Database / Data store: MongoDB,
- Server app: Node.js, Express.js
- Views: EJS
Breaking the server directory structure into resources of business logic each with its inner MVC framework (i.e. product-centric) instead of the usual MVC monolithic framework: https://github.com/i0natan/nodebestpractices/blob/master/sections/projectstructre/breakintresources.md
Each user account store both password salt and hash in a version-specific strategy to allow for future implementations of more secure password encryption/one-way-encoding strategies while allowing for backward compatibility of accomodating existing users with encrypted/one-way-encoded passwords stored with older strategies.
Uses AirBNB enforced by eslint.
All requests and responses mostly follow the guidelines of JSON API to allow for consistent data models while having the benefit of a standardised interface via HTTP between client and server applications, either internal or external.
Each resource has its own set of /views/{resource} and SHOULD be located within a folder with the name {resource} within its own views/ folder. All of the views/ folders for each initalised component will share the hierarchy, and this is to prevent conflicting file pointers during res.render, e.g. server/resources/users/views/index.ejs refer to the same file as client/views/index.ejs.
Dependencies:
expressbodyparserdotenv- manage sensitive or contextual environment variablesmongoose- NoSQL modelling (http://mongoosejs.com/)passport- user local and social media authentication strategies.passport-local(Local).
uuid- used to generated UUIDs for unique user identifiersbcrypt- string hashing librarymorgan- needed for passport local strategycookie-parser- needed for passport local strategyexpress-session- needed for passport local strategyconnect-flash- Flash messages which are stored in sessions
Developer dependencies:
@babel/core- Foundation for Babel@babel/cli- Lets Babel to be used on the command line@babel/node- Lets nodemon compiling with Babel presets and plugins@babel/preset-env- Let Babel automatically manage syntax transforms@babel/plugin-transform-runtime- Used by Babel to overcome regeneratorRuntime is not defined issues.@babel/runtime- Same asbabel-plugin-transform-runtime, but for production.eslint- Makes code consistenteslint-config-airbnb-base- Installed automatically when initialising eslint for AirBNB styleguideeslint-plugin-import- Installed automatically when initialising eslint for JavaScript modulesnode-source-map-support- For error tracing to thesrc/folder during development and debugging in conjunction with enabling Babel's native source mapping being implemented in npm scripts
- On project root level, install packages:
npm install. npm manages both server and client resource dependencies. - Run
npm startornodemonif you have installed it via npm globally on your machine.
To set up a remote MongoDB, these are some options:
Create the following tables:
users
- Declare multiple views locations in Express
- Babel Node Guide
- OWASP
- It's okay to store a salt next to a hash
- Deciding on a full stack framework: https://webinerds.com/6-web-development-stacks-try-2017/
- Best practices informational resource: https://github.com/i0natan/nodebestpractices#1-project-structure-practices
- Folder naming conventions on best or common practices: https://gist.github.com/woodysee/f4e5dff6ede764da422f3599221c723f
- https://www.sitepoint.com/node-js-mvc-application/
- https://twitter.com/nodepractices/
- Passport JS Local Strategy template
- How to connect Robo 3T to a MongoDB Atlas cluster